OpenVAS is a fork of the previously open source Nessus scanning tool after Tenable Network Security changed it to a proprietary license in October 2005.
yum update yum install -y wget bzip2 net-tools wget -q -O - http://www.atomicorp.com/installers/atomic | sh yum install openvas vi /etc/redis.conf # uncomment two unixsock lines systemctl disable firewalld systemctl stop firewalld systemctl enable redis systemctl start redis systemctl status redis sed -i 's/enforcing/disabled/g' /etc/selinux/config /etc/selinux/config reboot sestatus openvas-setup # this takes half an hour https://IP-address:9392 vi /etc/sysconfig/gsad # change port to 443 systemctl restart gsad systemctl | grep gsad nestat -an | grep listen openssl s_client -connect localhost:443 wget --no-check-certificate https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup bash openvas-check-setup openvasmd --rebuild --progress # point you browser to https://IP-address
CLI:
https://kb.scanarch.com/How-to-scan-for-vulnerabilities-with-OpenVAS/
https://github.com/c610/tmp/blob/master/code16.py
LINE 21: correction : netstat -an | grep LISTEN
ReplyDeleteLINE 21 : better : netstat -an | grep tcp | grep LISTEN
Also,
LINE 24 : bash openvas-check-setup --v9
the rest is amazing; thank you for the guidence!